package com.dwj.auto.comment.common.security.filter;

import cn.hutool.core.util.StrUtil;
import com.alibaba.fastjson.JSONObject;
import com.dwj.auto.comment.common.security.UserAuthenticationManager;
import com.dwj.auto.comment.common.security.UserLoginFailureHandler;
import com.dwj.auto.comment.common.security.UserLoginSuccessHandler;
import com.dwj.auto.comment.common.security.config.SecurityProperties;
import com.dwj.auto.comment.common.utils.MultiReadHttpServletRequest;
import com.dwj.auto.comment.common.utils.RedisCacheUtil;
import lombok.extern.slf4j.Slf4j;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.stereotype.Component;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * @author: dangweijian
 * @description: 用户认证过滤器
 * @create: 2020-07-10 15:58
 **/
@Slf4j
@Component
public class UserAuthenticationProcessingFilter extends AbstractAuthenticationProcessingFilter {

    /**
     * @param securityProperties 配置（从配置中读取登录url）
     * @param authenticationManager 认证管理器
     * @param adminAuthenticationSuccessHandler 认证成功处理器
     * @param adminAuthenticationFailureHandler 认证失败处理器
     */
    public UserAuthenticationProcessingFilter(SecurityProperties securityProperties, UserAuthenticationManager authenticationManager, UserLoginSuccessHandler adminAuthenticationSuccessHandler, UserLoginFailureHandler adminAuthenticationFailureHandler) {
        super(new AntPathRequestMatcher(securityProperties.getAuthApi(), HttpMethod.POST.name()));
        this.setAuthenticationManager(authenticationManager);
        this.setAuthenticationSuccessHandler(adminAuthenticationSuccessHandler);
        this.setAuthenticationFailureHandler(adminAuthenticationFailureHandler);
    }

    @Override
    public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException {
        if (request.getContentType() == null || !request.getContentType().contains("application/json")) {
            throw new AuthenticationServiceException("请求头类型不支持: " + request.getContentType());
        }
        UsernamePasswordAuthenticationToken authRequest;
        try {
            MultiReadHttpServletRequest wrappedRequest = new MultiReadHttpServletRequest(request);
            // 将前端传递的数据转换成jsonBean数据格式
            JSONObject jsonObject = JSONObject.parseObject(wrappedRequest.getBodyJsonStrByJson(wrappedRequest));
            String code = jsonObject.getString("code");
            String uuid = jsonObject.getString("uuid");
            if(StrUtil.isEmpty(code) || StrUtil.isEmpty(uuid) || !code.equals(RedisCacheUtil.get(uuid, String.class))) {
                throw new AuthenticationServiceException("验证码错误");
            }
            authRequest = new UsernamePasswordAuthenticationToken(jsonObject.get("username"),jsonObject.get("password"), null);
            authRequest.setDetails(authenticationDetailsSource.buildDetails(wrappedRequest));
        } catch (Exception e) {
            throw new AuthenticationServiceException(e.getMessage());
        }
        return this.getAuthenticationManager().authenticate(authRequest);
    }
}
